<?php
//Version 1.01 April 17 2005
//V1.01 Lines changed 447, 463.  See notes
/*
*********************************************************
Class: phpforumPlus 
Description: a php class for rapid forums creation
Author: Tsiavos Chris <jaames@freemail.gr>
Date: Sep 2003
*********************************************************
Requirements: PHP,RDBMS(MySQL or PostgreSQL),a JavaScript
enabled web browser
*********************************************************
User Methods
*********************************************************
*********************************************************
FOR EXAMPLES & USAGE READ THE ACCOMPANYING README FILE
*********************************************************
phpforumplus::set_member($mymember)
sets the registered member name for the discussion board
-------------------------------------------------------------------------------
phpforumplus::display()
displays all the threads related to the topic plus information about the thread's sender,date &
number of replies
-------------------------------------------------------------------------------
phpforumplus::display_thread()
displays the selected thread's message body plus all the replies related to the current thread
-------------------------------------------------------------------------------
phpforumplus::reply_to_thread()
use this function to reply to the selected thread
-------------------------------------------------------------------------------
phpforumplus::post_new_thread()
use this function to post a new thread to the selected topic
-------------------------------------------------------------------------------
phpforumplus::display_forums()
used to display the forum topics with short content descriptions 
*******************************************************************************************
Internal Methods
*******************************************************************************************
phpforumplus::connect_to_database()
function providing connection with the database hosting the forums
-------------------------------------------------------------------------------------------
phpforumplus::close_database()
disconnects from the database hosting the forums
-------------------------------------------------------------------------------------------
phpforumplus::init_variables()
used to initialize the $_GET & other variables utilized in several places within this script
-------------------------------------------------------------------------------------------
phpforumplus::validate($variable)
this function is used to validate $_GET variables used in different sections of the script for malicious entries.
Such variables include $_GET["forumid"],$_GET["msgid"] and others
-------------------------------------------------------------------------------------------
phpforumplus::display_error($error_number)
used to graphically display the error messages generated when validation of $_GET variables fails
-------------------------------------------------------------------------------------------
phpforumplus::threads_per_page($msg_count)
used to calculate the number of thread pages according to the $threads_limit_per_page value
-------------------------------------------------------------------------------------------
phpforumplus::display_thread_and_replies()
used to display the body of the current thread & call the phpforumplus::display_replies($mystyle)
function
-------------------------------------------------------------------------------------------
phpforumplus::display_replies($mystyle)
used to display all replies associated with the current thread
-------------------------------------------------------------------------------------------
phpforumplus::reply_post_table($action,$headline,$mystyle)
used to provide the html data needed by the reply_to_thread and post_new_thread functions
-------------------------------------------------------------------------------------------
phpforumplus::create_menu()
creates the menu buttons utilized in "post new thread" & "reply to thread" scripts providing a limited number of allowable
html tags for the body of a new or reply thread
-------------------------------------------------------------------------------------------
phpforumplus::insert_javascript($for_what)
inserts the javascript needed by the menu buttons to function properly
-------------------------------------------------------------------------------------------
phpforumplus::execute_query($query)
function that executes the sql query defined in the $query variable
-------------------------------------------------------------------------------------------
phpforumplus::insert_element($form_name,$form_body)
complementary function for phpforumplus::insert_javascript($for_what)
-------------------------------------------------------------------------------------------
*/
require_once("DB.php");
include("style.php");

class phpforumPlus {
/*//----------------environment options--------------
var $member;
//----------------end environment options---------
//----------------page options----------------------
var $display_forum;
var $view_thread_page;
var $reply_page;
var $post_new_thread_page;
var $search_page;
//-----------------end_page options---------------
//---------------database options------------------
var $threads_limit_per_page;
var $thread_length_limit;
var $headline_length_limit;
var $database_type;
var $db_host;
var $db_user;
var $db_passwd;
var $forum_database;
var $topic_tables;
var $table_struct;
//-------------end_database options------------
//-------------icon options-----------------------
var $forum_icon;
var $thread_icon;
var $hot_thread_icon;
var $hot_thread_limit;
//------------end_icon options------------------
//------------stylesheet options------------------
var $style_type;
//-------------end-stylesheet-options-----------	
//------------site options-------------------------
var $welcome_msg;
var $site_administrator;
//-------------end_site options------------------*/
//------------internal variables-------------------
var $hd;
var $int_forumid;
var $int_post_table;
var $int_replies_table;
var $int_sort_by;
var $int_order;
var $int_position;
var $int_id;
var $int_target;
var $int_body;
var $int_member;
var $int_headline;
var $int_date_posted;
var $int_post_views;
var $int_post_headline;
var $int_post_body;
var $int_post_date_posted;
var $int_post_member;
var $generator;
//------------end internal variables-------------

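/**
 * Opens the PEAR DB connection described by the database_type, db_user,
 * db_passwd, db_host and forum_database properties and stores the handle in
 * $this->hd.
 *
 * On failure the driver message goes to the server error log and the request
 * ends with a generic notice, so connection details are not echoed to the
 * visitor.
 */
function connect_to_database() {
    $dsn="$this->database_type://$this->db_user:$this->db_passwd@$this->db_host/$this->forum_database";
    $hd=DB::connect($dsn);
    if (DB::isError($hd)) {
        // Only getMessage() is logged: the DSN above carries the password and must not reach the log.
        error_log("phpforumPlus: database connection failed: ".$hd->getMessage());
        die ("The forum database is currently unavailable.");
    }
    $this->hd=$hd;
}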

/**
 * Disconnects the PEAR DB handle stored in $this->hd.
 */
function close_database()
{
    $this->hd->disconnect();
}

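/**
 * Loads the per-request state used by the page renderers: the validated
 * forumid / sort_by / order / position query parameters, the post and reply
 * table names for the selected forum, and the column names taken from
 * $this->table_struct.
 *
 * Each query parameter goes through validate(), which ends the request with
 * an error page when the value is missing or rejected.
 */
function init_variables() {
    // PHP_SELF contains any client-supplied PATH_INFO and int_target is echoed into
    // href/action attributes, so it is stored HTML-escaped.
    // NOTE(review): every use visible in this file is an HTML attribute - confirm no caller needs the raw path.
    $this->int_target=htmlspecialchars($_SERVER["PHP_SELF"],ENT_QUOTES);

    // A missing parameter is passed on as null so validate() reports it instead of PHP raising a notice.
    $this->int_forumid=$this->validate(isset($_GET["forumid"]) ? $_GET["forumid"] : null);
    $this->int_sort_by=$this->validate(isset($_GET["sort_by"]) ? $_GET["sort_by"] : null);
    $this->int_order=$this->validate(isset($_GET["order"]) ? $_GET["order"] : null);
    $this->int_position=$this->validate(isset($_GET["position"]) ? $_GET["position"] : null);

    $forum_tables=$this->topic_tables[$this->int_forumid];
    $this->int_post_table=$forum_tables[0];
    $this->int_replies_table=$forum_tables[1];

    $reply_columns=$this->table_struct["table_replies"];
    $this->int_id=$reply_columns[0];
    $this->int_member=$reply_columns[1];
    $this->int_headline=$reply_columns[2];
    $this->int_body=$reply_columns[3];
    $this->int_date_posted=$reply_columns[4];

    $post_columns=$this->table_struct["table_posts"];
    $this->int_post_member=$post_columns[1];
    $this->int_post_headline=$post_columns[2];
    $this->int_post_body=$post_columns[3];
    $this->int_post_date_posted=$post_columns[4];
    $this->int_post_views=$post_columns[5];

    $this->generator="<meta NAME=\"GENERATOR\" CONTENT=\"phpforumPlus http://phpclasses.byting.at/browse.html/package/1317.html\">";
}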

/**
 * Records the name of the registered member using the discussion board.
 *
 * @param mixed $mymember value stored as-is in $this->member
 */
function set_member($mymember)
{
    $this->member = $mymember;
}

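/**
 * Checks one request value against the rule of the request field it came
 * from and returns the accepted value; a rejected value ends the request
 * through display_error().
 *
 * The field is recognised by comparing the value, strictly, with the request
 * fields in a fixed order: forumid, position, sort_by, order, method, msgid,
 * and only then the posted message body. Query-string fields are tried first
 * so that a value taken from the query string is always held to an allowlist
 * or digits-only rule and can never be accepted under the looser body rule.
 *
 * NOTE(review): recognising the field by value stays ambiguous when two
 * fields carry the same text (the earlier rule wins). Passing the field name
 * from the caller would remove that ambiguity.
 *
 * @param mixed $variable raw value read from $_GET / $_POST
 * @return mixed the accepted value, 0 for position on the "post new thread"
 *               page, the tag-stripped and slash-escaped text for a message
 *               body, or null when the value matches no known field
 */
function validate($variable) {

    // Arrays (e.g. forumid[]=x) are never valid for any of the fields below.
    if (!isset($variable) || is_array($variable)) $this->display_error("Missing GET arguments in URL");

    $variable=(string)$variable;

    if (isset($_GET["forumid"]) && $variable===$_GET["forumid"]) {
        // Plain string identity against the configured forum names.
        foreach ($this->topic_tables as $topic => $key) {
            if ((string)$topic===$variable) return ($variable);
        }
        $this->display_error("Invalid forum selected");
    }

    if (isset($_GET["position"]) && $variable===$_GET["position"]) {
        if (basename($_SERVER["PHP_SELF"])==$this->post_new_thread_page) return 0;

        $max_id=$this->_max_post_id();
        if (empty($max_id)) $this->display_error("Forum empty");
        // Digits only (\z also rejects a trailing newline), then the range check.
        if (!preg_match("/^[0-9]+\\z/",$variable) || $variable>$max_id-1)
            $this->display_error("Invalid position identifier");
        return ($variable);
    }

    if (isset($_GET["sort_by"]) && $variable===$_GET["sort_by"]) {
        // Exact match against the two sortable columns; the value is later placed in ORDER BY.
        $sortable=array($this->table_struct["table_posts"][4],$this->table_struct["table_posts"][1]);
        if (!in_array($variable,$sortable,true)) $this->display_error("Invalid sort identifier");
        return ($variable);
    }

    if (isset($_GET["order"]) && $variable===$_GET["order"]) {
        if (!in_array($variable,array("asc","desc"),true)) $this->display_error("Invalid order value");
        return ($variable);
    }

    if (isset($_GET["method"]) && $variable===$_GET["method"]) {
        if (!in_array($variable,array("simple","advanced"),true)) $this->display_error("Invalid search method");
        return ($variable);
    }

    if (isset($_GET["msgid"]) && $variable===$_GET["msgid"]) {
        $max_id=$this->_max_post_id();
        if (!preg_match("/^[0-9]+\\z/",$variable) || $variable>$max_id)
            $this->display_error("Invalid thread number");
        return ($variable);
    }

    $is_reply_body=isset($_POST["reply_body"]) && $variable===$_POST["reply_body"];
    $is_post_body=isset($_POST["post_body"]) && $variable===$_POST["post_body"];
    if ($is_reply_body || $is_post_body) {
        if (strlen($variable)>$this->thread_length_limit) $this->display_error("Message too long");
        // NOTE(review): strip_tags() keeps the attributes of the tags it allows, so href="javascript:..."
        // and on* handlers on <a>/<b>/... survive, and addslashes() is not the database driver's own
        // quoting. Treat the returned text as untrusted both in SQL and when it is rendered.
        return addslashes(strip_tags($variable,"<a><b><i><sub><sup>"));
    }

    // Matches no known field: nothing is accepted.
    return null;
}

/**
 * Returns max(id) of the post table belonging to the forum named in the
 * request, ending the request with an error page when that forum is not
 * configured.
 */
function _max_post_id() {
    $forumid=isset($_GET["forumid"]) ? $_GET["forumid"] : null;
    if (!is_string($forumid) || !isset($this->topic_tables[$forumid]))
        $this->display_error("Invalid forum selected");

    $resultset=$this->execute_query("select max(".$this->table_struct["table_posts"][0].") from ".$this->topic_tables[$forumid][0]);
    $row=$resultset->fetchRow();
    return $row[0];
}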

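/**
 * Renders an error page for the given error code and ends the request.
 *
 * The code selects a description from a fixed list; a code that is not in the
 * list gets the generic "contact the site administrator" text. "Forum empty"
 * is handled on its own: it prints a "post new thread" link and stops without
 * rendering the error table.
 *
 * @param string $error error code, also shown as the error headline
 */
function display_error($error) {
$inf="We are sorry for the inconvenience.If you see this message regularly contact the site administrator at <a href=\"mailto:$this->site_administrator\">$this->site_administrator</a>";
switch ($error) {
       case "Invalid forum selected":
               $error_descr="The requested forum was not found.$inf";
               break;
       case "Invalid thread number":
               $error_descr="The requested thread was not found in database.$inf";
               break;
       case "Invalid position identifier":
               $error_descr="The requested forum portion cannot be displayed.$inf";
               break;
       case "Message too long":
               $error_descr="Your reply message was too long to be sent.Please try to reduce if possible your message length in order to be conformed to limits set by the site administrator";
               $error_descr.=" <a href=\"mailto:$this->site_administrator\">$this->site_administrator</a>";
               break;
       case "Empty Subject or message body not permitted":
               $error_descr="Please type a valid subject or body for your message";
               break;
       case "Invalid search method":
               $error_descr="Supplied seach method is invalid.Check the GET['method'] variable";
               break;
       case "Forum empty":
               print ("<strong>No threads have been uploaded for this forum topic.Be the first!</strong><br/>");
               die("<a href=\"$this->post_new_thread_page?forumid=".urlencode($this->int_forumid)."&position=0&sort_by=$this->int_sort_by&order=$this->int_order\">Post new thread</a>");
       case "Invalid sort identifier":
       case "Invalid order value":
       case "Missing GET arguments in URL":
       default:
               // Also covers codes that are not listed, so the description is always defined.
               $error_descr=$inf;
}

// The headline is placed in markup, so it is escaped in case a caller passes text that is not a constant.
$safe_error=htmlspecialchars($error,ENT_QUOTES);

print("<html>\n<head>\n<title>Error</title>\n");
$mystyle=new style($this->style_type);
$table_body_style=$mystyle->table_body_section[0];

print <<<ERROR_TABLE
</head>
<body>
<table border="$mystyle->table_border" width="$mystyle->table_width" height="$mystyle->table_height" cellspacing="$mystyle->table_cell_spacing" cellpadding="$mystyle->table_cell_padding">
<tr>
<td class="$mystyle->table_info_section"><strong>Error</strong></td>
<td class="$table_body_style">$safe_error</td>
</tr>
<tr>
<td class="$mystyle->table_info_section"><strong>Description</strong></td>
<td class="$table_body_style">$error_descr</td>
</tr>
</table>
<br/>
<a href="javascript:history.go(-1);">Back</a>
</body>
</html>
ERROR_TABLE;
exit;
}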
		

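/**
 * Prints the forum index: one table row per configured topic with its icon,
 * name and description, the number of posts and the most recent post.
 *
 * The member name and headline of the latest post come from the post table
 * and are HTML-escaped before output.
 * NOTE(review): this assumes both columns hold plain text - confirm against
 * the code that inserts posts.
 */
function display_forums() {

    $this->connect_to_database();

    $db_member=$this->table_struct["table_posts"][1];
    $db_headline=$this->table_struct["table_posts"][2];
    $db_date_posted=$this->table_struct["table_posts"][4];
    $db_id=$this->table_struct["table_posts"][0];

    $id=array();
    $member=array();
    $headline=array();
    $date_posted=array();
    $msg_count=array();

    foreach ($this->topic_tables as $topic=>$value) {
        $resultset=$this->execute_query("select * from ".$this->topic_tables[$topic][0]." order by $db_date_posted desc");
        $row=$resultset->fetchRow(DB_FETCHMODE_ASSOC);
        // A forum without posts yields no row; show blanks instead of reading missing keys.
        if (!is_array($row)) $row=array($db_id=>"",$db_member=>"",$db_headline=>"",$db_date_posted=>"");

        $id[$topic]=$row[$db_id];
        $member[$topic]=htmlspecialchars((string)$row[$db_member],ENT_QUOTES);
        $headline[$topic]=htmlspecialchars((string)$row[$db_headline],ENT_QUOTES);
        $date_posted[$topic]=$row[$db_date_posted];
        $msg_count[$topic]=$resultset->numRows();
    }

    print("<html>\n<head>\n<title>Forum Topics</title>\n");
    $mystyle=new style($this->style_type);

    // Header cell of the icon column; stays empty when no forum icons are configured.
    $has_forum_icon="";
    if (!empty($this->forum_icon)) $has_forum_icon="<td class=\"$mystyle->table_info_section\">&nbsp;</td>";

print <<<DISPLAY_PAGE_HEAD
</head>
<body>
<h4>Forum topics</h4>
<strong>$this->welcome_msg</strong>
<table border="$mystyle->table_border" width="$mystyle->table_width" height="$mystyle->table_height" cellspacing="$mystyle->table_cell_spacing" cellpadding="$mystyle->table_cell_padding">
<tr>
$has_forum_icon
<td class="$mystyle->table_info_section">Forums</td>
<td class="$mystyle->table_info_section" align="center">Total Posts</td>
<td class="$mystyle->table_info_section" align="center">Last Post</td>
</tr>

DISPLAY_PAGE_HEAD;

    $style=0;
    foreach ($this->topic_tables as $topic => $key) {
        $row_class=$mystyle->table_body_section[$style];

        if (!empty($this->forum_icon[$topic]))
            $icon_cell="<td class=\"$row_class\"><img src=\"".$this->forum_icon[$topic]."\" width=\"40\" height=\"40\"></td>";
        else if ($has_forum_icon)
            $icon_cell="<td class=\"$row_class\">&nbsp;</td>";
        else
            $icon_cell="";

        $forum_param=urlencode($topic);
        $thread_param=urlencode($id[$topic]);

        // Every forum gets its own <tr> so the rows after the first are well-formed too.
        print (
"<tr>
".$icon_cell."
<td class=\"$row_class\"><a href=\"$this->display_forum?forumid=$forum_param&position=0&sort_by=$db_date_posted&order=desc\">$topic</a>
<br/>"
.$key[2].
"</td>
<td class=\"$row_class\" align=\"center\">".$msg_count[$topic]."</td>
<td class=\"$row_class\" align=\"center\">".$member[$topic]." <br/><a href=\"$this->view_thread_page?forumid=$forum_param&msgid=$thread_param&position=0&sort_by=$db_date_posted&order=desc\">".$headline[$topic]."</a> <br/>".$date_posted[$topic]."</td>
</tr>\n");

        $style++;
        if ($style==count($mystyle->table_body_section)) $style=0;
    }

    $colspan=$has_forum_icon ? 4 : 3;
    print("<tr>\n<td class=\"$mystyle->table_footer_section\" colspan=\"$colspan\">&nbsp;</td>\n</tr>\n</table>\n</body>\n</html>");

}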

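/**
 * Prints one page of the thread list of the selected forum: the "post new
 * thread" link, the simple search box, the thread table (member, subject,
 * date, views, replies), the back/next and page links, and the sort form.
 *
 * forumid, position, sort_by and order are taken from the query string via
 * init_variables(), which ends the request when one of them is rejected.
 * Member names and headlines read from the post table are HTML-escaped.
 * NOTE(review): this assumes both columns hold plain text - confirm against
 * the code that inserts posts.
 */
function display() {

    $this->connect_to_database();
    $this->init_variables();

    $resultset=$this->execute_query("select * from $this->int_post_table");
    $msg_count=$resultset->numRows();

    // The two branches differ only in the LIMIT argument order each database type is given.
    if ($this->database_type=="pgsql")
        $resultset=$this->execute_query("select * from $this->int_post_table order by $this->int_sort_by $this->int_order limit $this->threads_limit_per_page,$this->int_position");
    else
        $resultset=$this->execute_query("select * from $this->int_post_table order by $this->int_sort_by $this->int_order limit $this->int_position,$this->threads_limit_per_page");

    $forumid_html=htmlspecialchars($this->int_forumid,ENT_QUOTES);
    $fixed_forumid=urlencode($this->int_forumid);

    print ("<html>\n<head>\n<title>Forum threads for topic: $forumid_html</title>\n$this->generator\n");
    $mystyle=new style($this->style_type);

    print "</head><body>";

    $forum_icon="";
    if (!empty($this->forum_icon[$this->int_forumid]))
        $forum_icon="<img src=\"".$this->forum_icon[$this->int_forumid]."\" width=\"40\" height=\"40\" align=\"left\">";

print <<<DISPLAY_PAGE_HEAD
$forum_icon
<br/>
<a href="$this->post_new_thread_page?forumid=$fixed_forumid&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order">Post new thread</a>
<br/>
<br/>
<form method="post" action="$this->search_page?forumid=$fixed_forumid&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order&method=simple">
<input type="text" name="search" size="25" maxlength="25">
<input type="submit" name="submit" value="search" onClick="javascript:this.value='Please Wait...';">
<a href="$this->search_page?forumid=$fixed_forumid&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order&method=advanced">Advanced Search</a>
</form>
<br/>
<table border="$mystyle->table_border" cellspacing="$mystyle->table_cell_spacing" cellpadding="$mystyle->table_cell_padding" width="$mystyle->table_width">
<tr>
<td class="$mystyle->table_info_section">&nbsp;</td>
<td class="$mystyle->table_info_section">Member</td>
<td class="$mystyle->table_info_section">Subject</td>
<td class="$mystyle->table_info_section">Date Posted</td>
<td class="$mystyle->table_info_section">Views</td>
<td class="$mystyle->table_info_section">Replies</td>
</tr>\n
DISPLAY_PAGE_HEAD;

    $stylesheet=0;
    $current_msg_count=0;
    $has_icon="";
    while ($row=$resultset->fetchRow(DB_FETCHMODE_ASSOC)) {

        $current_stylesheet=$mystyle->table_body_section[$stylesheet];
        if (!empty($this->thread_icon)) $has_icon="<td class=\"$current_stylesheet\"><img src=\"$this->thread_icon\"></td>";
        $msgid=$row[$this->table_struct["table_posts"][0]];

        // $msgid is the id column of the row just fetched, not request input.
        $replies_fetch=$this->execute_query("select count(*) as msg_count from $this->int_replies_table where $this->int_id=$msgid");
        $replies_number_result=$replies_fetch->fetchRow(DB_FETCHMODE_ASSOC);
        if ($replies_number_result["msg_count"]==NULL) $replies_number_result["msg_count"]=0;
        $number_of_replies=$replies_number_result["msg_count"];
        if ($number_of_replies>$this->hot_thread_limit) $has_icon="<td class=\"$current_stylesheet\"><img src=\"$this->hot_thread_icon\" width=18 height=18></td>";

        $member=htmlspecialchars((string)$row[$this->int_post_member],ENT_QUOTES);
        $headline=htmlspecialchars((string)$row[$this->int_post_headline],ENT_QUOTES);
        $date_posted=$row[$this->int_post_date_posted];
        $views=$row[$this->int_post_views];

        if (!isset($views)) $views=0;

        // NOTE(review): $has_icon is built above, but the first cell of the row has always rendered
        // empty because the template referenced a variable that is never assigned. The cell is kept
        // empty here; confirm which icon markup belongs in it before wiring $has_icon in.
print <<<DISPLAY_THREADS
<tr>
<td class="$current_stylesheet"></td>
<td class="$current_stylesheet">$member</td>
<td class="$current_stylesheet"><a href="$this->view_thread_page?forumid=$fixed_forumid&msgid=$msgid&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order">$headline</a></td>
<td class="$current_stylesheet">$date_posted</td>
<td class="$current_stylesheet">$views</td>
<td class="$current_stylesheet">$number_of_replies</td>
</tr>\n
DISPLAY_THREADS;

        $current_msg_count++;
        $stylesheet++;
        if ($stylesheet==count($mystyle->table_body_section)) $stylesheet=0;
    }

    $disp=$current_msg_count+$this->int_position;

    // The table always has six columns, with or without icons.
    $colspan=6;

    print (
"<tr>
<td class=\"$mystyle->table_footer_section\" colspan=\"$colspan\"><strong><center>Displaying threads ".(int)($this->int_position+1)." to $disp of $msg_count</center></strong></td>
</tr>
</table>
<br/>
<table width=\"$mystyle->table_width\">
<tr>\n");

    if ($this->int_position-1>0 && $this->int_position<$msg_count-$current_msg_count) {
        print(
"<td align=\"right\">
<a href=\"$this->int_target?forumid=".urlencode($this->int_forumid)."&position=".(int)($this->int_position-$this->threads_limit_per_page)."&sort_by=$this->int_sort_by&order=$this->int_order\">Back</a> |
<a href=\"$this->int_target?forumid=".urlencode($this->int_forumid)."&position=$disp&sort_by=$this->int_sort_by&order=$this->int_order\">Next</a></td>");
    }
    else if ($this->int_position==0 && $msg_count>$current_msg_count)
        print (
"<td align=\"right\">
<a href=\"$this->int_target?forumid=".urlencode($this->int_forumid)."&position=$disp&sort_by=$this->int_sort_by&order=$this->int_order\">Next</a></td>");
    if ($this->int_position==$msg_count-$current_msg_count && $this->int_position!=0) {
        print("
<td align=\"right\">
<a href=\"$this->int_target?forumid=".urlencode($this->int_forumid)."&position=".(int)($this->int_position-$this->threads_limit_per_page)."&sort_by=$this->int_sort_by&order=$this->int_order\">Back</a>");
    }
    print("</tr>\n<tr>\n");
    $this->threads_per_page($msg_count);
    print("</tr>\n</table>\n<br/>\n");

    $date_posted_column=$this->table_struct["table_posts"][4];
    $member_column=$this->table_struct["table_posts"][1];

print <<<SORT_THREADS_FORM
<form method="get" action="$this->int_target" type="multipart/form-data" name="sort_form">
<input type="hidden" name="forumid" value="$forumid_html">
<input type="hidden" name="position" value="0">
<table>
<tr>
</tr>
<td>Sort threads by</td>
<td>
<select name="sort_by">
<option value="$date_posted_column">date_posted</option>
<option value="$member_column">member name</option>
</select>
</td>
<td>
order 
</td>
<td>
<select name="order">
<option value="asc">ascending</option>
<option value="desc">descending</option>
</select>
</td>
<td><input type="submit" name="sort" value="sort" onClick="javascript:this.value='Please Wait...';"></td>
</tr>
<tr>
<td colspan="5"><small><strong>Sort:</strong>$this->int_sort_by/$this->int_order</small></td>
</tr>
<tr>
</tr>
</table>
</form>
</body>
</html>
SORT_THREADS_FORM;

    $this->close_database();

}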

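/**
 * Prints the "Go to page" cell: one link per page of the thread list, with
 * the page whose offset equals the current position shown in bold.
 *
 * @param int $msg_count total number of threads in the forum
 */
function threads_per_page($msg_count) {
    print ("<td align=\"center\">Go to page: ");

    // A page size below 1 would never advance the loop, so no links are printed in that case.
    $step=(int)$this->threads_limit_per_page;
    $current=isset($_GET["position"]) ? $_GET["position"] : null;
    $forumid=urlencode($this->int_forumid);

    if ($step>0) {
        $page=0;
        for ($i=0;$i<$msg_count;$i+=$step) {
            $link="<a href=\"$this->int_target?forumid=$forumid&position=$i&sort_by=$this->int_sort_by&order=$this->int_order\">";
            if ($current==$i)
                print ($link."<big><strong>$page</strong></big></a>&nbsp;");
            else
                print ($link."$page</a> ");
            $page++;
        }
    }

    print ("</td>");
}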

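/**
 * Runs one SQL statement on the open connection and returns the PEAR DB
 * result.
 *
 * The statement is executed exactly as given: callers are responsible for
 * making sure that everything they interpolate into it has been validated.
 * On failure the driver message goes to the server error log and the request
 * ends with a generic notice, so database errors are not echoed to the
 * visitor.
 *
 * @param string $query complete SQL statement
 * @return mixed the value returned by $this->hd->query()
 */
function execute_query($query) {
    $result=$this->hd->query($query);
    if (DB::isError($result)) {
        error_log("phpforumPlus: query failed: ".$result->getMessage());
        die ("The forum could not complete this request.");
    }
    return $result;
}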

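/**
 * Renders the search page of the selected forum.
 *
 * method=simple searches thread headlines for the posted "search" text and
 * lists the matches. method=advanced prints the advanced form and, once it
 * has been submitted, lists the threads whose member or headline starts with,
 * ends with or contains the posted text, sorted as requested.
 *
 * Request data is handled as untrusted throughout: the search text reaches
 * the database only as a bound parameter, the posted column names and sort
 * order must match a fixed allowlist before they are placed in the SQL text,
 * and everything echoed back to the page is HTML-escaped.
 * NOTE(review): escaping the member/headline columns assumes they hold plain
 * text - confirm against the code that inserts posts.
 */
function search() {

    $this->connect_to_database();
    $this->init_variables();
    $method=$this->validate(isset($_GET["method"]) ? $_GET["method"] : null);

    $simple_term=(isset($_POST["search"]) && is_string($_POST["search"])) ? $_POST["search"] : "";
    $simple_term_html=htmlspecialchars($simple_term,ENT_QUOTES);

    switch ($method) {
        case "simple":
            print("<html>\n<head>\n<title>Search Results for ".$simple_term_html."</title>\n$this->generator\n");
            break;
        case "advanced":
            print("<html>\n<head>\n<title>Advanced Search</title>\n$this->generator\n");
    }
    $mystyle=new style($this->style_type);
    print("\n</head>\n<body>\n<a href=\"javascript:history.go(-1);\">Back</a>\n");

    $fixed_forumid=urlencode($this->int_forumid);

    switch ($method) {

        case "advanced":

            $current_stylesheet=$mystyle->table_body_section[0];

print <<<SEARCH_TABLE
<br/>
<br/>
<form method="post" action="$this->search_page?forumid=$fixed_forumid&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order&method=advanced">
<table border="$mystyle->table_border" cellspacing="$mystyle->table_cell_spacing" cellpadding="$mystyle->table_cell_padding" width="$mystyle->table_width">
<tr>
<td class="$mystyle->table_info_section">Advanced Search</td>
<td class="$mystyle->table_info_section">&nbsp;</td>
</tr>
<tr>
<td class="$mystyle->table_info_section">Search by</td>
<td class="$current_stylesheet">
<select name="search_by">
<option value="$this->int_post_member">member</option>
<option value="$this->int_post_headline">headline</option>
</select>
</td>
</tr>
<tr>
<td class="$mystyle->table_info_section">&nbsp;</td>
<td class="$current_stylesheet">
My search:
<input type="radio" name="radiobutton" value="starting" checked> Starts with
<input type="radio" name="radiobutton" value="ending"> Ends with
<input type="radio" name="radiobutton" value="contains"> Contains
<br/>
<br/>
<input type="text" name="adv_search" size="25" maxlength="25">
<input type="submit" name="submit" value="Search" onClick="javascript:this.value='Please Wait...';">
</td>
</tr>
<tr>
<td class="$mystyle->table_info_section">Options</td>
<td class="$current_stylesheet">
Sort results by
<select name="sort_by">
<option value="$this->int_post_member">member</option>
<option value="$this->int_post_headline">headline</option>
<option value="$this->int_post_date_posted">date_posted</option>
</select>
order
<select name="order">
<option value="asc">ascending</option>
<option value="desc">descending</option>
</select>
</td>
</tr>
</table>
</form>
SEARCH_TABLE;

            if (!empty($_POST["submit"])) {
                $keyword=isset($_POST["search_by"]) ? $_POST["search_by"] : "";
                $sort=isset($_POST["sort_by"]) ? $_POST["sort_by"] : "";
                $order=isset($_POST["order"]) ? $_POST["order"] : "";
                $mode=isset($_POST["radiobutton"]) ? $_POST["radiobutton"] : "";
                $raw_value=(isset($_POST["adv_search"]) && is_string($_POST["adv_search"])) ? $_POST["adv_search"] : "";
                $search_value=strip_tags($raw_value);

                // Column names and sort direction cannot be bound as parameters, so only the
                // values the form itself offers are accepted (strict comparison also rejects arrays).
                $search_columns=array($this->int_post_member,$this->int_post_headline);
                $sort_columns=array($this->int_post_member,$this->int_post_headline,$this->int_post_date_posted);
                $patterns=array(
                    "starting"=>$search_value."%",
                    "ending"=>"%".$search_value,
                    "contains"=>"%".$search_value."%"
                );

                if (!in_array($keyword,$search_columns,true)
                    || !in_array($sort,$sort_columns,true)
                    || !in_array($order,array("asc","desc"),true)
                    || !is_string($mode) || !isset($patterns[$mode]))
                    die("\n<strong>Invalid search options.Please repeat your search</strong>\n</body>\n</html>");

                // The search text travels as a bound parameter and is quoted by PEAR DB itself.
                $result=$this->hd->query("select * from $this->int_post_table where $keyword LIKE ? order by $sort $order",array($patterns[$mode]));
                if (DB::isError($result)) {
                    error_log("phpforumPlus: search query failed: ".$result->getMessage());
                    die("\n<strong>The search could not be completed</strong>\n</body>\n</html>");
                }

                if ($result->numRows()==0) die("\n<strong>No Matches found.Please repeat your search</strong>\n</body>\n</html>");

                $search_value_html=htmlspecialchars($search_value,ENT_QUOTES);

print <<<RESULTS
<h3>Search Results for $search_value_html</h3>
<table border="$mystyle->table_border" cellspacing="$mystyle->table_cell_spacing" cellpadding="$mystyle->table_cell_padding" width="$mystyle->table_width">
<tr>
<td class="$mystyle->table_info_section">Thread Headline</td>
<td class="$mystyle->table_info_section">Member</td>
<td class="$mystyle->table_info_section">Date Posted</td>
<td class="$mystyle->table_info_section">Views</td>
<td class="$mystyle->table_info_section">Replies</td>
</tr>
RESULTS;

                $stylesheet=0;
                while ($row=$result->fetchRow(DB_FETCHMODE_ASSOC)) {
                    $current_stylesheet=$mystyle->table_body_section[$stylesheet];
                    $msgid=$row[$this->table_struct["table_posts"][0]];

                    // $msgid is the id column of the row just fetched, not request input.
                    $replies_num=$this->execute_query("select $this->int_id,count(*) as msg_count from $this->int_replies_table group by $this->int_id having $this->int_id=$msgid");

                    $replies_number_result=$replies_num->fetchRow(DB_FETCHMODE_ASSOC);
                    if ($replies_number_result["msg_count"]==NULL) $replies_number_result["msg_count"]=0;
                    $number_of_replies=$replies_number_result["msg_count"];

                    $member=htmlspecialchars((string)$row[$this->int_post_member],ENT_QUOTES);
                    $headline=htmlspecialchars((string)$row[$this->int_post_headline],ENT_QUOTES);
                    $date_posted=$row[$this->int_post_date_posted];
                    $views=$row[$this->int_post_views];

                    if (!isset($views)) $views=0;

                    print ("
<tr>
<td class=\"$current_stylesheet\">
<a href=\"$this->view_thread_page?forumid=$fixed_forumid&msgid=$msgid&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order\">$headline</a>
</td>
<td class=\"$current_stylesheet\">$member</td>
<td class=\"$current_stylesheet\">$date_posted</td>
<td class=\"$current_stylesheet\">$views</td>
<td class=\"$current_stylesheet\">$number_of_replies</td>
</tr>");

                    $stylesheet++;
                    if ($stylesheet==count($mystyle->table_body_section)) $stylesheet=0;
                }

print <<<FOOTER
<tr>
<td class="$mystyle->table_footer_section" colspan="5">&nbsp;</td>
</tr>
</table>
</body>
</html>
FOOTER;
            }
            break;

        case "simple":

            print ("<h3>Search Results for '".$simple_term_html."'</h3>");
            $keyword=strip_tags($simple_term);

            // The search text travels as a bound parameter and is quoted by PEAR DB itself.
            $result=$this->hd->query("select * from $this->int_post_table where $this->int_post_headline LIKE ?",array("%".$keyword."%"));
            if (DB::isError($result)) {
                error_log("phpforumPlus: search query failed: ".$result->getMessage());
                die("\n<strong>The search could not be completed</strong>\n</body>\n</html>");
            }
            if ($result->numRows()==0) die("\n<strong>No Matches found.Please repeat your search</strong>\n</body>\n</html>");

print <<<TABLE_RESULTS
<table border="$mystyle->table_border" cellspacing="$mystyle->table_cell_spacing" cellpadding="$mystyle->table_cell_padding" width="$mystyle->table_width">
<tr>
<td class="$mystyle->table_info_section">Thread Headline</td>
<td class="$mystyle->table_info_section">Member</td>
<td class="$mystyle->table_info_section">Date Posted</td>
<td class="$mystyle->table_info_section">Views</td>
</tr>
TABLE_RESULTS;

            $stylesheet=0;
            while ($row=$result->fetchRow(DB_FETCHMODE_ASSOC)) {
                $current_stylesheet=$mystyle->table_body_section[$stylesheet];
                $msgid=$row[$this->table_struct["table_posts"][0]];
                $member=htmlspecialchars((string)$row[$this->int_post_member],ENT_QUOTES);
                $headline=htmlspecialchars((string)$row[$this->int_post_headline],ENT_QUOTES);
                $date_posted=$row[$this->int_post_date_posted];
                $views=$row[$this->int_post_views];

                if (!isset($views)) $views=0;

                print ("
<tr>
<td class=\"$current_stylesheet\">
<a href=\"$this->view_thread_page?forumid=$fixed_forumid&msgid=$msgid&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order\">$headline</a>
</td>
<td class=\"$current_stylesheet\">$member</td>
<td class=\"$current_stylesheet\">$date_posted</td>
<td class=\"$current_stylesheet\">$views</td>
</tr>");

                $stylesheet++;
                if ($stylesheet==count($mystyle->table_body_section)) $stylesheet=0;
            }

print <<<REMAIN
<tr>
<td class="$mystyle->table_footer_section" colspan="4">&nbsp;</td>
</tr>
</table>
<br/>
<form method="post" action="$this->search_page?forumid=$fixed_forumid&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order&method=simple">
<input type="text" name="search" size="25" maxlength="25">
<input type="submit" name="submit" value="search" onClick="javascript:this.value='Please Wait...';">
<a href="$this->search_page?forumid=$fixed_forumid&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order&method=advanced">Advanced Search</a>
</form>
</body>
</html>
REMAIN;
    }

}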

/**
 * Entry point for the thread view: opens the database connection, renders
 * the selected thread together with its replies, then disconnects.
 */
function display_thread()
{
    $this->connect_to_database();
    $this->display_thread_and_replies();
    $this->close_database();
}

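/**
 * Renders the page for one thread: increments its view counter, prints the
 * page header and the Reply/Back links, shows the thread's sender, post
 * count, date, subject, reply count and body, then calls display_replies().
 *
 * The thread id is read from $_GET["msgid"]. The database connection must
 * already be open; display_thread() opens it before calling this method.
 *
 * @return void
 */
function display_thread_and_replies() {

	$this->init_variables();

	// The id is interpolated UNQUOTED into every query below and into the
	// link URLs, so escaping alone cannot protect it. It is forced to an
	// integer after validate(); a non-numeric value becomes 0 and simply
	// matches no thread.
	$msgid=(int)$this->validate($_GET["msgid"]);
	$post_id=$this->table_struct["table_posts"][0];
	$forum_param=urlencode($this->int_forumid);

	// Bump the view counter; a NULL counter is treated as "never viewed".
	// PostgreSQL has no IF(), hence the CASE variant.
	if ($this->database_type=="pgsql")
		$this->execute_query("update $this->int_post_table set $this->int_post_views=case when $this->int_post_views is NULL then 1 else $this->int_post_views+1 end where $post_id=$msgid");
	else
		$this->execute_query("update $this->int_post_table set $this->int_post_views=IF($this->int_post_views IS NULL,1,$this->int_post_views+1) where $post_id=$msgid");

	print("<html>\n<head>\n<title>View thread</title>\n$this->generator\n");
	// Created while <head> is still open; presumably the style constructor
	// prints the stylesheet markup - confirm against the style class.
	$mystyle=new style($this->style_type);
	print("\n</head>\n<body>\n");

	// NOTE(review): int_position, int_sort_by and int_order are written into
	// the URLs exactly as init_variables() left them; confirm they are
	// validated there.
	print ("<a href=\"$this->reply_page?forumid=$forum_param&msgid=$msgid&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order\">Reply</a> |
<a href=\"$this->display_forum?forumid=$forum_param&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order\">Back</a>\n<br/>");

	$resultset=$this->execute_query("select count(*) as msg_count from $this->int_replies_table where $this->int_id=$msgid");
	$replies_number_result=$resultset->fetchRow(DB_FETCHMODE_ASSOC);
	if (empty($replies_number_result["msg_count"])) $replies_number_result["msg_count"]=0;

	$resultset=$this->execute_query("select * from $this->int_post_table where $post_id=$msgid");

	print (
"<br/>
<strong>Thread</strong>
<br/>
<br/>
<table border=\"$mystyle->table_border\" cellspacing=\"$mystyle->table_cell_spacing\" cellpadding=\"$mystyle->table_cell_padding\" width=\"$mystyle->table_width\" height=\"$mystyle->height\">\n");

	$stylesheet=$mystyle->table_body_section[0];

	$row=$resultset->fetchRow(DB_FETCHMODE_ASSOC);
	$member=$row[$this->int_post_member];

	// NOTE(review): $member comes back from the posts table and is placed
	// inside a quoted SQL literal as-is, so a name containing a quote breaks
	// or alters this query. It should go through the database driver's own
	// quoting (PEAR DB offers quoteSmart()/escapeSimple()); the connection
	// handle is not reachable from the code visible here, so the query is
	// left unchanged.
	$resultset=$this->execute_query("select count(*) as total_posts from $this->int_post_table where $this->int_post_member='$member'");
	$posts=$resultset->fetchRow(DB_FETCHMODE_ASSOC);
	$posts_number=$posts["total_posts"];
	$date_posted=$row[$this->int_post_date_posted];

	// The subject is user-supplied text, so it is HTML-encoded for output.
	// The single-byte charset argument leaves every non-ASCII byte untouched,
	// whatever encoding the page is served in.
	$headline=htmlspecialchars(stripslashes(trim($row[$this->int_post_headline])),ENT_QUOTES,'ISO-8859-1');
	$replies=$replies_number_result["msg_count"];

	// NOTE(review): the body is printed as stored HTML (the posting form
	// inserts markup on purpose), so its safety rests entirely on what
	// validate() allowed at posting time. The member name is likewise
	// printed as stored - confirm both, or encode the member name here.
	$message_body=nl2br(trim(stripslashes($row[$this->int_post_body])));

print <<<DISPLAY_POST_BODY
<tr>
<td class="$mystyle->table_info_section">Sender</td>
<td class="$mystyle->table_info_section">Threads Posted</td>
<td class="$mystyle->table_info_section">Date Posted</td>
<td class="$mystyle->table_info_section">Subject</td>
<td class="$mystyle->table_info_section">Replies</td>
</tr>
<tr>
<td class="$stylesheet">$member</td>
<td class="$stylesheet">$posts_number</td>
<td class="$stylesheet">$date_posted</td>
<td class="$stylesheet">$headline</td>
<td class="$stylesheet">$replies</td>
</tr>
<tr>
<td class="$stylesheet" colspan="5">$message_body</td>
</tr>\n
DISPLAY_POST_BODY;

	print ("</table>\n<br/>\n<br/>\n<br/>\n");

	$this->display_replies($mystyle);

}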

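/**
 * Prints the "sort replies" form and the replies of the thread named by
 * $_GET["msgid"], then closes the page with </body></html>.
 *
 * The sort column and direction come from $_POST["sort_by"] and
 * $_POST["order"]; when missing or not recognised they fall back to the
 * reply date column, descending.
 *
 * @param object $mystyle style object; its table_* properties and height
 *                        are read for the table markup
 * @return void
 */
function display_replies($mystyle) {

	$date_posted_column=(string)$this->table_struct["table_replies"][4];
	$member_column=(string)$this->table_struct["table_replies"][1];

	// ORDER BY takes identifiers and keywords, which cannot be protected by
	// quoting or escaping. Only the two columns the form offers and the
	// literal words asc/desc are let through; anything else falls back to
	// the defaults. The same values are echoed in the "Sort:" line below,
	// so the allow-list covers that output as well.
	$sort_by=isset($_POST["sort_by"]) ? $_POST["sort_by"] : "";
	if (!in_array($sort_by,array($date_posted_column,$member_column),true)) $sort_by=$date_posted_column;

	$order=(isset($_POST["order"]) && is_string($_POST["order"])) ? strtolower($_POST["order"]) : "";
	if ($order!=="asc") $order="desc";

	// The original stored its defaults back into $_POST; kept so that any
	// later reader of $_POST sees the values actually used.
	$_POST["sort_by"]=$sort_by;
	$_POST["order"]=$order;

	// Used unquoted in the query and inside the form's action URL, so it is
	// forced to an integer; a missing or non-scalar value becomes 0.
	$msgid=(isset($_GET["msgid"]) && is_scalar($_GET["msgid"])) ? (int)$_GET["msgid"] : 0;
	$url=urlencode($this->int_forumid);

print <<<DISPLAY_FORM_REPLIES
<form method="post" action="$this->int_target?forumid=$url&msgid=$msgid&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order" type="multipart/form-data">
<table>
<tr>
<td>Sort replies by</td>
<td>
<select name="sort_by">
<option value="$date_posted_column">date_posted</option>
<option value="$member_column">member name</option>
</select>
</td>
<td>
order
</td>
<td>
<select name="order">
<option value="asc">ascending</option>
<option value="desc">descending</option>
</select>
</td>
<td><input type="submit" name="sort" value="sort" onClick="javascript:this.value='Please Wait...';"></td>
</tr>
<tr>
<td colspan="5"><small><strong>Sort:</strong>$sort_by/$order</small></td>
</tr></table>
<br/>
DISPLAY_FORM_REPLIES;

	$resultset=$this->execute_query("select * from $this->int_replies_table where $this->int_id=$msgid order by $sort_by $order");
	if ($resultset->numRows()==0)
		print ("<br/>\n<strong>No Replies</strong>\n<br/>\n");
	else {
print <<<DISPLAY_TABLE
<br/>\n<strong>Replies</strong>\n<br/>\n
<table border="$mystyle->table_border" cellspacing="$mystyle->table_cell_spacing" cellpadding="$mystyle->table_cell_padding" width="$mystyle->table_width" height="$mystyle->height">
<tr>
<td class="$mystyle->table_info_section">Sender</td>
<td class="$mystyle->table_info_section">Subject</td>
<td class="$mystyle->table_info_section">Date Posted</td>
</tr>
DISPLAY_TABLE;

		// Row styles are taken from table_body_section in rotation.
		$stylesheet_number=0;
		while ($row=$resultset->fetchRow(DB_FETCHMODE_ASSOC)) {

			$current_stylesheet=$mystyle->table_body_section[$stylesheet_number];
			$date_posted=$row[$this->int_date_posted];
			$headline=strip_tags(trim(stripslashes($row[$this->int_headline])));
			// NOTE(review): member name and body are printed as stored. The
			// body is HTML on purpose, so its safety rests on what validate()
			// allowed at posting time - confirm.
			$member=$row[$this->int_member];
			$message_body=nl2br(trim(stripslashes($row[$this->int_body])));

print <<< DISPLAY_REPLIES
<tr>
<td class="$current_stylesheet">$member</td>
<td class="$current_stylesheet">$headline</td>
<td class="$current_stylesheet">$date_posted</td>
</tr>
<tr>
<td class="$current_stylesheet" colspan="3">$message_body</td>
</tr>\n
DISPLAY_REPLIES;

			$stylesheet_number++;
			if ($stylesheet_number==count($mystyle->table_body_section)) $stylesheet_number=0;
		}
		print("<tr>\n<td class=\"$mystyle->table_info_section\" colspan=\"3\">&nbsp;</td>\n</tr>\n</table>\n");
	}
	print("</body>\n</html>");
}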

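/**
 * Handles the reply page for the thread named by $_GET["msgid"].
 *
 * When the form was submitted ($_POST["reply"] is set) the reply is inserted
 * into the replies table and a confirmation page is printed; otherwise the
 * reply form is printed, pre-filled with "Re:" plus the thread's headline.
 * Opens and closes the database connection itself.
 *
 * @return void
 */
function reply_to_thread() {

	$this->connect_to_database();
	$this->init_variables();

	// The id is interpolated UNQUOTED into the INSERT and SELECT below and
	// into the link URLs, so it is forced to an integer after validate();
	// a non-numeric value becomes 0.
	$msgid=(int)$this->validate($_GET["msgid"]);
	$post_id=$this->table_struct["table_posts"][0];
	$forum_param=urlencode($this->int_forumid);

if (!empty($_POST["reply"])) {
	$message_body=$this->validate($_POST["reply_body"]);
	$message_headline=addslashes(strip_tags($_POST["reply_headline"]));
	// NOTE(review): the insert below still runs unless display_error()
	// stops the script - confirm that it exits.
	if (empty($message_headline) || empty($message_body))
		$this->display_error("Empty Subject or message body not permitted");

	// NOTE(review): the member name and the body sit inside quoted SQL
	// literals. The body is only as safe as validate() makes it and the
	// member name is used exactly as set_member() received it; both should
	// go through the database driver's own quoting (PEAR DB offers
	// quoteSmart()/escapeSimple()), which is not reachable from the code
	// visible here.
$reply_query=<<< REPLY_QUERY
insert into $this->int_replies_table values ($msgid,'$this->member','$message_headline','$message_body',now())
REPLY_QUERY;

	$this->execute_query($reply_query);
	print ("<html>\n<head>\n<title>Reply to thread</title>\n$this->generator\n");
	$mystyle=new style($this->style_type);
	print("\n</head>\n<body>\n");
	print ("<h3>Your reply message has been sent</h3>\n");
	print ("<a href=\"$this->view_thread_page?forumid=$forum_param&msgid=$msgid&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order\">Go back</a>\n");
}
else {
	$resultset=$this->execute_query("select $this->int_post_headline from $this->int_post_table where $post_id=$msgid");
	$headline=$resultset->fetchRow();
	// No matching thread yields no row; fall back to an empty headline
	// instead of indexing into a non-array.
	$thread_headline=(is_array($headline) && isset($headline[0])) ? $headline[0] : "";

	print ("<html>\n<head>\n<title>Reply to thread</title>\n$this->generator\n");
	$mystyle=new style($this->style_type);
	$this->insert_javascript("for_replies_page");
	print("</head>\n<body>\n");
	// The headline is user-supplied text, so it is HTML-encoded for output.
	// The single-byte charset argument leaves every non-ASCII byte untouched,
	// whatever encoding the page is served in.
	print ("<h4>Reply to thread: ".htmlspecialchars($thread_headline,ENT_QUOTES,'ISO-8859-1')."</h4>\n");
	print("<a href=\"$this->view_thread_page?forumid=$forum_param&msgid=$msgid&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order\">Go back</a>\n<br/>\n<br/>\n");
	print ("<form name=\"reply_form\" method=\"post\" action=\"$this->int_target?forumid=$forum_param&msgid=$msgid&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order\" type=\"multipart/form-data\">\n");
	// Passed on unencoded, exactly as before.
	$this->reply_post_table("reply","Re:".$thread_headline,$mystyle);
}
print("</body>\n</html>");

$this->close_database();

}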

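/**
 * Handles the "post new thread" page for the current forum.
 *
 * When the form was submitted ($_POST["post"] is set) the new thread is
 * inserted into the posts table and a confirmation page is printed;
 * otherwise the empty posting form is printed. Opens and closes the
 * database connection itself.
 *
 * @return void
 */
function post_new_thread() {

	$this->connect_to_database();
	$this->init_variables();

	// The forum id is URL-encoded for links but was printed into <title>
	// and <h4> as-is; it is now HTML-encoded for those two places. The
	// single-byte charset argument leaves every non-ASCII byte untouched,
	// whatever encoding the page is served in.
	// NOTE(review): presumably init_variables() fills int_forumid from the
	// forumid query parameter - confirm.
	$forum_label=htmlspecialchars((string)$this->int_forumid,ENT_QUOTES,'ISO-8859-1');
	$forum_param=urlencode($this->int_forumid);

if (!empty($_POST["post"])) {
	$message_body=$this->validate($_POST["post_body"]);
	$message_headline=addslashes(strip_tags($_POST["post_headline"]));
	// NOTE(review): the insert below still runs unless display_error()
	// stops the script - confirm that it exits.
	if (empty($message_headline) || empty($message_body)) $this->display_error("Empty Subject or message body not permitted");

	// NOTE(review): the member name and the body sit inside quoted SQL
	// literals. The body is only as safe as validate() makes it and the
	// member name is used exactly as set_member() received it; both should
	// go through the database driver's own quoting (PEAR DB offers
	// quoteSmart()/escapeSimple()), which is not reachable from the code
	// visible here.
$insert_query=<<< INSERT_QUERY
insert into $this->int_post_table ($this->int_post_member,$this->int_post_headline,$this->int_post_body,$this->int_post_date_posted) values ('$this->member','$message_headline','$message_body',now())
INSERT_QUERY;

	$this->execute_query($insert_query);
	print ("<html>\n<head>\n<title>Post new thread to $forum_label Forum</title>\n$this->generator\n");
	$mystyle=new style($this->style_type);
	print("\n</head>\n<body>\n");
	print ("<h3>Your thread has been uploaded</h3>\n");
	print ("<a href=\"$this->display_forum?forumid=$forum_param&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order\">Go back</a>\n");
}
else {
	print ("<html>\n<head>\n<title>Post new thread to $forum_label Forum</title>\n$this->generator\n");
	$mystyle=new style($this->style_type);
	$this->insert_javascript("for_post_page");
	print("</head>\n<body>
<h4>Post new thread to $forum_label Forum</h4>
<a href=\"$this->display_forum?forumid=$forum_param&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order\">Go back</a>
<br/>
<br/>
<form name=\"post_form\" method=\"post\" action=\"$this->int_target?forumid=$forum_param&position=$this->int_position&sort_by=$this->int_sort_by&order=$this->int_order\" type=\"multipart/form-data\">\n");
	$this->reply_post_table("post","",$mystyle);
}
print("</body>\n</html>");

$this->close_database();

}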

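/**
 * Prints the table holding the subject field, posting date, formatting
 * buttons, message textarea and submit button, followed by the closing
 * </form> tag. The opening <form> tag is printed by the caller.
 *
 * @param string $action   "reply" or "post" in the visible callers; used as
 *                         the prefix of the field names and as the submit
 *                         button's name and caption
 * @param string $headline text pre-filled into the subject field
 * @param object $mystyle  style object; its table_* properties and height
 *                         are read for the table markup
 * @return void
 */
function reply_post_table($action,$headline,$mystyle) {

	$body_name=$action."_body";
	$date=date("D d M Y");
	$headline_name=$action."_headline";
	$table_body_style=$mystyle->table_body_section[0];
	$menu=$this->create_menu();

	// The pre-filled subject is a stored thread headline. strip_tags() at
	// posting time leaves quote characters in place, and a quote would end
	// the value="..." attribute early, so the text is HTML-encoded here.
	// The single-byte charset argument leaves every non-ASCII byte
	// untouched, whatever encoding the page is served in.
	$headline_value=htmlspecialchars((string)$headline,ENT_QUOTES,'ISO-8859-1');

print <<< REPLY_POST_TABLE
<table border="$mystyle->table_border" cellspacing="$mystyle->table_cell_spacing" cellpadding="$mystyle->table_cell_padding" width="$mystyle->table_width" height="$mystyle->height">
<tr>
<td class="$mystyle->table_info_section">Subject</td>
<td class="$mystyle->table_info_section"><input type="text" name="$headline_name" size="$this->headline_length_limit" maxlength="$this->headline_length_limit" value="$headline_value"></td>
</tr>
<tr>
<td class="$mystyle->table_info_section">Posting Date</td>
<td class="$table_body_style">$date</td>
</tr>
<tr>
<td class="$mystyle->table_info_section">HTML Options</td>
<td class="$table_body_style">$menu</td>
</tr>
<tr>
<td class="$mystyle->table_info_section">Body:</td>
<td class="$table_body_style"><textarea name="$body_name" cols="70" rows="20" wrap="physical"></textarea></td>
</tr>
<tr>
<td class="$mystyle->table_info_section">&nbsp;</td>
<td class="$table_body_style"><input type="submit" name="$action" value="$action" onClick="javascript:this.value='Please Wait...';"></td>
</tr>
</table>
</form>\n
REPLY_POST_TABLE;
}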

/**
 * Builds the row of formatting buttons shown next to "HTML Options".
 *
 * Each button calls the client-side insert_element() function with the
 * name of the markup to insert.
 *
 * @return string the six <input> buttons, one per line, without a trailing
 *                newline
 */
function create_menu() {
	// name attribute, button caption, argument handed to insert_element()
	$buttons=array(
		array("strong","Bold","bold"),
		array("em","Italics","italics"),
		array("url","URL","url"),
		array("Mail","Mail","mail"),
		array("subscript","SUB","subscript"),
		array("superscript","SUP","superscript"),
	);

	$html_lines=array();
	foreach ($buttons as $button) {
		$html_lines[]=sprintf(
			'<input type="button" name="%s" value="%s" onclick="insert_element(\'%s\');">',
			$button[0],
			$button[1],
			$button[2]
		);
	}

	return implode("\n",$html_lines);
}

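/**
 * Prints the <script> block that defines the client-side insert_element()
 * function for the posting form or the reply form.
 *
 * @param string $for_what "for_post_page" or "for_replies_page"; any other
 *                         value prints nothing
 * @return void
 */
function insert_javascript($for_what) {

	// Page key => (form name, textarea name). Both names are written into
	// the generated script as identifiers, so they come from this fixed map
	// only. The original switch had no default branch and went on with
	// undefined variables for an unknown key, which produced a broken script.
	$targets=array(
		"for_post_page"=>array("post_form","post_body"),
		"for_replies_page"=>array("reply_form","reply_body"),
	);

	if (!is_string($for_what) || !isset($targets[$for_what])) return;

	list($form_name,$form_body)=$targets[$for_what];

	print ("\n<script language=\"JavaScript\">\n<!--\n");
	$this->insert_element($form_name,$form_body);
	print ("//-->\n</script>\n");

}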

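/**
 * Prints the JavaScript source of the client-side insert_element() function.
 *
 * The generated function asks the user for a piece of text, wraps it in the
 * requested markup (bold, italics, link, mail link, subscript, superscript)
 * and appends the result to the message textarea.
 *
 * Both arguments are written into the script as identifiers without any
 * escaping, so callers must pass fixed names; insert_javascript() passes
 * string literals.
 *
 * @param string $form_name name attribute of the form holding the textarea
 * @param string $form_body name attribute of the textarea
 * @return void
 */
function insert_element($form_name,$form_body) {
// window.prompt() returns null when the dialog is cancelled. The original
// script called .bold()/.link()/... on that null and threw an error; the
// generated code now appends nothing in that case.
print <<< JAVASCRIPT_FOR_MENU
function insert_element(myelement) {
var field=document.{$form_name}.{$form_body};
var text=null;
switch (myelement) {
case "bold" :
	text=window.prompt("Type the text you want to make bold ","");
	if (text!==null) text=text.bold();
	break;
case "italics" :
	text=window.prompt("Type the text you want to make italics","");
	if (text!==null) text=text.italics();
	break;
case "url" :
	text=window.prompt("Type the url address you want to insert (without the http prefix)","");
	if (text!==null) text=text.link("http://"+text);
	break;
case "mail" :
	text=window.prompt("Type the e-mail address you want to insert ","");
	if (text!==null) text=text.link("mailto:"+text);
	break;
case "subscript":
	text=window.prompt("Type the text for the subscript effect ","");
	if (text!==null) text=text.sub();
	break;
case "superscript":
	text=window.prompt("Type the text for the superscript effect ","");
	if (text!==null) text=text.sup();
	break;
}
if (text!==null) field.value=field.value+text;
}\n\n
JAVASCRIPT_FOR_MENU;
}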

}
?>

